All in on UBNT
I'm very familiar with Unifi and airMAX equipment from Ubiquiti, and I recently have started a new job for a smallish company (not many employees, but lots of high volume/dollar sales, type of thing). They have, in the 30 years of doing business, never had any IT. I've worked a number of positions and have become a decent Jack of all trades, master of none. I was honest with them, and they don't mind me using them to learn more vertically.
So my job is to now take this hodgepodge of stuff, learn a ton of new things, and get them into some semblance of shape.
However, I would like a few opinions, iffin' y'all don't mind.
I'll be installing multiple APs, we have 8 VoIP phones, and three remote buildings that are not business related (family owned company) but leech off the internet via underground fiber and a couple media converters. I want to separate those three remote buildings into individual VLANs, and just rate limit and give them their dumb internet pipes. And of course the phones.... they need removed from that BestBuy sale-day DLink gateway in the closet, asap.
So I *think* a USG Pro, SwitchPro POE, and Cloudkey g2 would be the way to go here, for the layer3 functions. However, I haven't used any of the L3 equipment, so looking for some feedback here. Also, what is the *real* difference between the Cloudkey G2 and G2Plus? Is the hard drive only for the cameras, or is there some better use for it? We won't be doing protect.... Although, down the line..... and hey, it has an extra gig of RAM for only $20 more, so I'm guessing the plus is the better option 99% of the time?
The TL;DR:
- Always buy Cloudkey g2 Plus, for reasons?
- How is the Layer3 switching support
- Running your entire network off a DLink is terrible
- Gear choice gud?
- YAY NEW JOREB!
submitted by Slightlyevolved
My local network is a mess, please help me figure out how to rebuild it properly.
My home network has been growing over the years. I've tried to keep it somewhat sane and tidy to the best of my knowledge, but it's not that great: all devices are on the same network, no IPv6 because I don't understand how to make it work alongside v4...
My setup is like this:
- Unifi AC access point
- OpnSense router with a 1Gb/1Gb FTTH connection (via a TPLink media converter)
- 8 port dumb switch near the router
- 8 port dumb switch in the office
Devices (wired, gigabit):
- Ethernet laser printer
- Kodi media player
- ThinkPad laptop (Linux, if that makes a difference)
- Denon AVR
- Server running several services in Docker containers, LXC containers, and VMs (all Linux)
- 3 smart lamps
- 2 iPhones
- another ThinkPad (Linux)
- Nintendo Wii (the old one, doesn't have ethernet)
- Android tablet
Guest wifi (isolated from main network and from each other):
- Visiting friends
- Work laptops (Windows and OSX)
The server has a bunch of services:
- Home assistant to control smart home devices without relying on third party servers
- Automated TV shows and movies downloading via usenet and torrent
- Unifi control software
- ZNC IRC bouncer
- EDMS to keep digital copies of all our documents
- NFS network share to host everything
- More to be added as my needs change
I realize I should segregate all these devices onto separate networks. For example, the TV or the PS4 don't need to be able to reach the printer or the smart lamps. But on the other hand, Home Assistant needs to reach all the devices including the TV, smart lamps, and Kodi media player while the iPhones also need to communicate with Kodi and Home Assistant or the PS4. The TV and movies downloading services also need to reach Kodi to update its database as things are added to the NAS. I would like the smart lamps to not be able to reach the internet directly: Home Assistant takes care of everything and is the one that needs Internet access along with being able to reach devices.
Because of that, I don't know how to separate things into distinct networks: things that serve different purposes still have to talk to each other, and some serve several purposes at once (the server for instance).
I don't mind adding smart switches to the network, but I'm completely lost on what to put on which network and how to go about IPv4 numbering. I'd like to enable IPv6 eventually, but it feels like I should do one thing at a time so I'd go with network planning first.
What do you think? How would you split these across networks? Should I use VLANs, or are subnets good enough? How to deal with devices that need to communicate with all the others?
submitted by TrainingSetting
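
The reachability requirements in the post above can be written down as a default-deny flow matrix and checked before any VLAN is configured. This is an added example, not part of the original post: the zone names and the device-to-zone grouping are assumptions, and only the flows the post states are encoded.

```python
"""Default-deny flow matrix built from the requirements stated in the post."""
INTERNET = "internet"

# Hypothetical zone assignment (an assumption; the post proposes none).
ZONES = {
    "trusted": {"iphone", "printer"},
    "media": {"kodi", "tv", "ps4"},
    "iot": {"smart_lamp"},
    "servers": {"home_assistant", "downloaders"},
}

# Flows the post says are needed: source host -> destinations it initiates to.
REQUIRED = {
    "home_assistant": {"tv", "smart_lamp", "kodi", INTERNET},
    "iphone": {"kodi", "home_assistant", "ps4"},
    "downloaders": {"kodi"},
}

# Flows the post says should not be possible.
FORBIDDEN = [("tv", "printer"), ("tv", "smart_lamp"), ("ps4", "printer"),
             ("ps4", "smart_lamp"), ("smart_lamp", INTERNET)]

def zone_of(host):
    """Return the zone a host belongs to; the internet is its own zone."""
    if host == INTERNET:
        return INTERNET
    for zone, members in ZONES.items():
        if host in members:
            return zone
    raise KeyError(host)

def allowed(src, dst):
    """May src open a connection to dst? Replies are assumed stateful."""
    if zone_of(src) == zone_of(dst):
        return True  # same zone is switched locally, never seen by the router
    return dst in REQUIRED.get(src, set())  # everything else: default deny

def inter_zone_rules():
    """Pass rules the router needs, as (src_zone, src, dst_zone, dst)."""
    return sorted((zone_of(s), s, zone_of(d), d)
                  for s, dsts in REQUIRED.items() for d in dsts
                  if zone_of(s) != zone_of(d))

def violations():
    """Forbidden flows that the zone plan would still let through."""
    return [(s, d) for s, d in FORBIDDEN if allowed(s, d)]
```

Moving a device between zones and re-running `violations()` shows whether a grouping quietly permits a flow the post wanted blocked, because same-zone traffic never reaches the router.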